Файл: profi_wm/system/class/user.php
Строк: 61
<?php
// Open the session and turn on output buffering before anything is printed.
session_start();
ob_start();
// Load the site settings file.
// NOTE(review): a `.inc` file is returned as plain text by web servers that do not map that
// extension to PHP. If set.inc holds the DB* constants used further down (not visible here),
// keep it outside the web root or deny direct requests to it.
require_once(root.'system/set.inc');
/* Demote users whose one-month paid position has run out: delete `bill_level` rows older than 30 days. */
$tim = time() - 30 * 24 * 60 * 60;
core::$dbs->query(
    "DELETE FROM `bill_level` WHERE `time` < ?",
    array($tim)
);

/* Purge `top_tem` rows whose `time` is already in the past; the DELETE is sent only when the count finds any. */
if (core::$dbs->querySingle("SELECT COUNT(id) FROM `top_tem` WHERE `time` < ?", array(time())) > 0) {
    core::$dbs->query(
        "DELETE FROM `top_tem` WHERE `time` < ?",
        array(time())
    );
}
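// Legacy ext/mysql connection, opened in addition to the core::$dbs handle used by the queries
// in this file. The mysql_* API was removed in PHP 7.0.
// NOTE(review): no mysql_* query is visible in this file; if other files still build SQL through
// this link, move them to the parameterised core::$dbs calls and drop this connection.
mysql_connect(DBHOST, DBUSER, DBPASS) or die('Database does not exist...');
mysql_select_db(DBNAME) or die('Lost connection to SQL database...');
// mysql_set_charset() issues the same charset switch as "SET NAMES utf8" and also tells the client
// library which charset is active, which mysql_real_escape_string() depends on to escape correctly.
mysql_set_charset('utf8');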
// Screen every query-string value; anything that is not a string matching the pattern sends the
// client back to the front page.
// NOTE(review): inside the character class, `_-/` is parsed as a range from `_` down to `/`.
// PCRE rejects a descending range at compile time, preg_match() then returns false, and the
// negated test redirects every request that carries a query parameter — verify on the target runtime.
// NOTE(review): even with the class repaired (hyphen moved to the end), the second alternative
// `.+(?!/)` accepts almost any text, so this loop should not be relied on as input validation;
// validate each parameter where it is used.
foreach ($_GET as $check_url) {
    if (!(is_string($check_url) && preg_match('#^(?:[a-z0-9_-/]+|.+(?!/))*$#i', $check_url))) {
        header('Location: /');
        exit;
    }
}
unset($check_url);
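// Cookie-based sign-in: `us` carries the account id, `upassword` the value matched against
// `user`.`password`.
// NOTE(review): because the cookie is compared directly with the stored `password` column, that
// stored value works as a bearer credential — whoever reads the column or the cookie can sign in.
// A random, server-side, revocable token would avoid this; the code issuing the cookie is not in this file.
if (isset($_COOKIE['us']) && isset($_COOKIE['upassword'])) {
    // Array-valued cookies (us[]=...) are treated as empty credentials instead of being cast.
    $us = is_string($_COOKIE['us']) ? intval($_COOKIE['us']) : 0;
    $upassword = is_string($_COOKIE['upassword']) ? TextGuard($_COOKIE['upassword']) : '';

    // Only query when both values are non-empty. Previously the cookies were cleared but the lookup
    // still ran, so an empty `upassword` could match an account whose `password` column is empty.
    $user = false;
    if (!empty($us) && !empty($upassword)) {
        $user = core::$dbs->queryFetch("SELECT * FROM `user` WHERE `id` = ? and `password`= ? LIMIT 1", array($us, $upassword));
    }

    // Re-check the fetched row in PHP with strict comparisons before anything is written.
    if (isset($user['id'], $user['password'])
        && (int) $user['id'] === $us
        && (string) $user['password'] === (string) $upassword
    ) {
        // Record last-seen time, address, user agent and requested URI for this account.
        // `ua` and `self` are client-controlled: escape them wherever they are displayed.
        core::$dbs->query("UPDATE `user` SET `online`= ? ,`ip`=?,`ua`=?,`self`= ? WHERE `id`=?", array(time(), $_SERVER['REMOTE_ADDR'], $_SERVER['HTTP_USER_AGENT'], $_SERVER['REQUEST_URI'], $user['id']));
        $_SESSION['user_id'] = $user['id'];

        // Add the gap since the previous request to the total online time when it is under two minutes.
        $timeactiv = time() - $user['online'];
        if ($timeactiv < 120) {
            $newtimeactiv = $user['allonline'] + $timeactiv;
            core::$dbs->query("UPDATE `user` SET `allonline` = ? WHERE `id`=?", array($newtimeactiv, $user['id']));
        }
    } else {
        // Fail closed: forget the row, clear the session marker and expire both cookies. The old
        // code only expired the cookies and left $user populated for the rest of the request.
        $user = false;
        $_SESSION['user_id'] = null;
        setcookie('us', '', time() - ((60 * 60) * 24), '/');
        setcookie('upassword', '', time() - ((60 * 60) * 24), '/');
    }
}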
// NOTE(review): writes $_SESSION['id'] into the buffered page output on every request. The sign-in
// code above stores the account under $_SESSION['user_id'], not 'id', so this looks like leftover
// debug output — confirm and remove.
echo $_SESSION['id'];
// Resets the current user's `status` to 0 when some account with rating -3 and a status other
// than 3 or 4 exists.
// NOTE(review): the guard needs `status` to equal 1 and 2 at once, so with the scalar values a
// database column yields the body never runs. If `||` was intended, confirm before changing it:
// enabling this branch would start resetting statuses.
// NOTE(review): the SELECT is not limited to the current user's id although the UPDATE is, and
// the fetched row ($arr) is not used afterwards.
if ($user['status'] == 1 && $user['status'] == 2) {
    $array = core::$dbs->query(
        "SELECT * FROM `user` WHERE `rating` = ? AND `status` != ? AND `status` != ? LIMIT 1",
        array('-3', 3, 4)
    );
    if ($array->rowCount() > 0) {
        $arr = $array->fetch();
        core::$dbs->query(
            "UPDATE `user` SET `status` = ? WHERE `id` = ? LIMIT 1",
            array(0, $user['id'])
        );
    }
}
// Declares the `standart_css` constant; the code that reads it is outside this file.
define('standart_css', '25082014_99329_css');
// Access gates for a signed-in user: an active ban or an unapproved registration replaces the
// requested page with a notice and stops the script.
if ($user['id']) {
    // NOTE(review): the ban lookup has no ORDER BY or LIMIT, so when one account has several `ban`
    // rows it is not defined which one is checked; an expired row could hide an active one.
    // Filtering on `end` in the query would make the check deterministic — verify against the schema.
    $ban = core::$dbs->queryFetch("SELECT * FROM `ban` WHERE `who` = ?", array($user['id']));

    // The guestbook stays reachable for banned users; every other script shows the ban notice.
    if ($_SERVER['PHP_SELF'] != '/modules/guest/index.php' && $ban['end'] > time()) {
        require_once(root.'system/header.php');
        // NOTE(review): `why` is stored text rendered as HTML; this is only safe if bbcode()
        // escapes HTML before applying its markup — confirm in that helper.
        echo '<div class="verh"><font color="red"><b>Вы забанены!</b></font></div><div class="lst">
Вас забанил: '.ustatus($ban['ho']).' <b>'.uname($ban['ho']).'</b> '.uaccess($ban['ho']).'<br>
Причины: <b>'.smiles(bbcode($ban['why'])).'</b><br>
Дата бана: <b>'.times($ban['time']).'</b><br>
Дата освобождения: <b>'.date('d.m.Y в H:i',$ban['end']).'</b><br/>
Вы можете посетить нашу <a href="/modules/guest/index.php"><b>Гостевую книгу</b></a>
</div>';
        require_once(root.'system/footer.php');
        exit;
    }

    // Registration state: `ok` == 0 shows "account not activated", `ok` == 2 shows "not admitted".
    $reg = core::$dbs->queryFetch("SELECT * FROM `reg` WHERE `who` = ? LIMIT 1", array($user['id']));
    if ($reg != 0) {
        if ($reg['ok'] == 0) {
            require_once(root.'system/header.php');
            echo '<div class="podverh">',
                '<div class="uv"><div class="sm"></div><div class="sm"></div><div class="co">Стоп!</div></div>',
                '</div>',
                ' <div class="start">',
                '<div class="s"><div class="ss"><span><a href="/cab">Кабинет</a></span></div></div>',
                '<div class="post1">
<font color="red"><b>Ваш аккаунт не активирован!</b></font>
</div>';
            require_once(root.'system/footer.php');
            exit;
        } elseif ($reg['ok'] == 2) {
            require_once(root.'system/header.php');
            echo '<div class="podverh">',
                '<div class="uv"><div class="sm"></div><div class="sm"></div><div class="co">Стоп!</div></div>',
                '</div>',
                ' <div class="start">',
                '<div class="s"><div class="ss"><span><a href="/cab">Кабинет</a></span></div></div>',
                '<div class="post1">
<font color="red"><b>Вы не были допущены на сайт!</b></font>
</div>';
            require_once(root.'system/footer.php');
            exit;
        }
    }
}
// `id` query parameter cast to an integer and made non-negative; '' when the parameter is absent.
// Non-numeric input becomes 0 through the (int) cast.
$id = isset($_GET['id']) ? abs((int)$_GET['id']) : '';
?>